7346930

Security Framework Bridge

Published: March 18, 2008
Assignee: not available in USPTO data we have
Patent Claims
20 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method for bridging requests for access to resources between requestors in a distributed network and an authenticator servicing the distributed network: initiating a request for access to a resource through an application on a requestor in accordance with a request from a user, wherein the requestor has an IP address; intercepting the request for access to the resource; identifying the IP address of the requestor; verifying the requestor is allowed to initiate requests based on the IP address; identifying a type of the request for access to the resource as one of a plurality of types of requests; identifying the application initiating the request for access to the resource; verifying the application is an application that the requestor is allowed to use; verifying the type of the request is a type of request that the application has permission to initiate; and forwarding the request for access to the resource to the authenticator based on successfully verifying the requestor, verifying the application, and verifying the type of the request, wherein the authenticator verifies the identity of the user and authorizes the request for access to the resource based on successfully verifying the identity of the user.

2. The method of claim 1, wherein the plurality of types of requests include a request to view information stored on the requested resource, delete information on the requested resource, add information on the requested resource, and to modify information on the requested resource.

3. The method of claim 1, wherein information stored on the resource is one of information of access rights, passwords, identifications, authorizations, or data records.

4. The method of claim 1, further comprising: requesting additional authorization information for protected resources, wherein the additional authorization information is obtained from one of a token card or a digital certificate.

5. The method of claim 1, further comprising: comparing, by the authenticator, an authorization policy for the user with the requested resource and the type of the request to the requested resource, wherein the authenticator further authorizes the request for access to the resource based on successfully performing the comparison.

6. The method of claim 5, further comprising: identifying groups the user belongs to, wherein comparing the authorization policy for the user with the requested resource and the type of request to the requested resource further comprises comparing the authorization policy for the user's groups with the requested resource and the type of the request to the requested resource.

7. The method of claim 1, further comprising: identifying identification and authorization information of the user, wherein the authenticator verifies the identity of the user based on the identification and authorization information.

8. The method of claim 7, further comprising: verifying a format of the identification and authorization information of the user.

9. The method of claim 7, wherein verifying the requestor, verifying the application, and verifying the type of the request is performed prior to the authenticator verifying the identity of the user when the user is an internal user.

10. The method of claim 7, wherein the authenticator verifying the identity of the user is bypassed when the user is an internal user.

11. The method of claim 7, wherein the authenticator verifying the identity of the user is performed prior to verifying the requestor when the user is an external user.

12. A system for bridging requests for access to resources, comprising: an application server configured to execute an application that initiates a request for access to a resource in accordance with a user request, wherein the application server has an IP address; a security bridge coupled to the application server that intercepts the request and is configured to identify the IP address of the application server, identify a type of the request as one of a plurality of types of requests; and identify the application that initiates the request, and further configured to verify the application server is allowed to initiate requests based on the IP address, verify the application is an application that the application server is allowed to execute, and verify the type of the request for the requested resource is a type of request that the application has permission to initiate, wherein the security bridge forwards the request for access to the resource based on successfully verifying the requester, verifying the application, and verifying the type of the request; and an authenticator server coupled to the security bridge and configured to receive the forwarded request for access to the resource from the security bridge, verify the identity of the user, and authorize the request for access to the resource based on successfully verifying the identity of the user.

13. The system of claim 12, wherein the security bridge further comprises: a naming service for storing a set of IP addresses of servers that are allowed to initiate request; a process rules set for storing what applications are allowed to be executed on the servers that are allowed to initiate requests; and a password rules set for storing a proper format for user identification and authorization information.

14. The system of claim 12, wherein the security bridge is further configured to identify the format of any user identification and authorization information provided with the request and verify the format of the user identification and authorization information provided.

15. The system of claim 12, further comprising: a web server coupled to the authenticator server configured to provide the authenticator server with identification and authorization information for external users, wherein the authenticator server verifies the identity of the user based on the identification and authorization information, and wherein the web server is further coupled to the application server for enabling the external users to execute the application.

16. The system of claim 15, further comprising: a main policy store coupled to the authenticator server for storing a proper format for user identification and authorization information, wherein the authenticator server is further configured to verify the format of the identification and authorization information for the external users in accordance with the proper format stored in the main policy store.

17. The system of claim 12, wherein the application server exclusively executes the application for internal users, and wherein the user is an internal user.

18. The system of claim 17, wherein the internal user does not provide any identification and authorization information.

19. The system of claim 12, further comprising: a security database coupled to the authenticator server configured to retrieve correct authorization information based on identification information of the user retrieved by the authenticator server.

20. The system of claim 19, wherein the authenticator server verifies the identity of the user by comparing authorization information of the user retrieved by the authenticator server with the correct authorization information provided by the security database.
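
Added example (not part of the patent text and not code from the inventors): a minimal Python model of the three checks the bridge performs before forwarding in claims 1 and 12, using the rule stores named in claim 13 and the request types listed in claim 2. The class and field names, the result tuples and the sample policy are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address

REQUEST_TYPES = {"view", "add", "modify", "delete"}  # the types listed in claim 2

@dataclass(frozen=True)
class Request:
    source_ip: str    # IP address of the requestor (application server)
    application: str  # application that initiated the request
    req_type: str     # one of REQUEST_TYPES
    resource: str
    user: str

class SecurityBridge:
    """Hypothetical model of the bridge; names and layout are assumptions."""
    def __init__(self, naming_service, process_rules, type_rules, authenticator):
        self.naming_service = {ip_address(ip) for ip in naming_service}
        self.process_rules = {ip_address(ip): a for ip, a in process_rules.items()}
        self.type_rules = type_rules        # application -> permitted request types
        self.authenticator = authenticator  # callable(Request) -> bool

    def check(self, req):
        """Return None if the request may be forwarded, else the failed check."""
        try:
            ip = ip_address(req.source_ip)  # normalises equivalent spellings
        except ValueError:
            return "requestor"              # unparseable address: fail closed
        if ip not in self.naming_service:
            return "requestor"
        if req.application not in self.process_rules.get(ip, set()):
            return "application"
        allowed = self.type_rules.get(req.application, set())
        if req.req_type not in REQUEST_TYPES or req.req_type not in allowed:
            return "request-type"
        return None

    def handle(self, req):
        """Forward to the authenticator only after all three checks pass."""
        failed = self.check(req)
        if failed is not None:
            return ("rejected", failed)     # authenticator is never contacted
        return ("authorized", None) if self.authenticator(req) else ("denied", "user")

# Constructed sample policy; `calls` records which users reached the authenticator.
def demo_bridge(calls):
    return SecurityBridge(
        naming_service=["10.0.0.5"],
        process_rules={"10.0.0.5": {"billing"}},
        type_rules={"billing": {"view", "add"}},
        authenticator=lambda req: calls.append(req.user) or req.user == "alice")
```

Every lookup defaults to an empty set, so a server, application or request type missing from the rule stores is rejected rather than passed through to the authenticator.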

Patent Metadata

Filing Date: Unknown

Publication Date: March 18, 2008

Inventors: Ken Boydstun, Bala Balasubramanian, Richard Perez, Hiep Nguyen

Cite as: Patentable. “SECURITY FRAMEWORK BRIDGE” (7346930). https://patentable.app/patents/7346930